Customer Stories: How Two Companies Retired Active Directory

More than ever, today’s businesses are looking for technology that’s remote ready, cost-effective, and competitive. And as legacy solutions fail to meet these expectations, many companies are exploring modern alternatives that enhance agility, productivity, and security.

This is particularly true with Active Directory (AD), Microsoft’s 20-year-old directory product that was a hit when it launched but now lacks the ability to support new devices, deliver frictionless WFH user experiences, or enable vital identity solutions like single sign-on (SSO) and multi-factor authentication (MFA) without costly and complex connections.

Businesses that still rely on AD are increasingly at risk of new threats, compromises, and vulnerabilities that the directory wasn’t built to address. And while retiring a solution as embedded in your infrastructure as AD might seem like a big change, it doesn’t have to be. Here are two organizations that opted for a gradual move away from AD—and saw benefits almost immediately.

Zoro supports growth by modernizing its directory

Zoro is an ecommerce supplier that was looking to grow and expand its business. The company doubled the size of its workforce from 2018 to 2020, and now earns more than 30,000 new customer acquisitions per month. It needed the right technology to support this growth, but the directory architecture inherited from its parent company made it difficult to identify how it was configured or managed. This impacted Zoro’s ability to connect services or SaaS apps, and offered no centralized application management.

This meant tasks like onboarding and offboarding users, securing, and keeping apps up-to-date, and ongoing licensing proved extremely difficult. Meanwhile, the user experience was highly segmented.

Zoro decided to fully embrace the cloud and reduce its reliance on on-premises legacy tools by turning to Okta’s Universal Directory (UD). With its new directory solution, Zoro could now:

• Provide a centralized user experience
• Automate all onboarding and offboarding
• Establish Okta as the single source of truth
• Transition all of its self-managed applications to SaaS-based tools
• Enable Adaptive MFA with Okta Verify
• Create user personas that helped identify various user needs
• Establish Okta as a prerequisite for future software vendor requests to simplify application and user management

With a directory that can keep pace with its year-over-year growth, Zoro is now set to continue its stratospheric rise.

Thoughtworks reaps the rewards of improved agility

Software consultancy Thoughtworks first began working with Okta in 2013, when it replaced its on-premises identity service and implemented MFA to replace its token-based second-factor service.

The company then began to realize that AD was holding it back: 95% of its users worked on Mac laptops and were extremely mobile, nearly all of its applications were SaaS-based, and it stored data in the cloud, yet AD made none of this easy or efficient. Thoughtworks’ initial AD deployment had inadvertently saddled the company with a complex and fragile setup. The business decided to start fresh with a solution that would simplify its architecture and support its ambitious plans for growth.

After realizing they could move beyond AD, Thoughtworks reversed the flow of data to establish UD as its source of truth and used Okta’s integration to establish Google as its company directory. The result has been well worth it: now virtually free of AD, the company has gone from 42 on-prem Domain Controllers in 2016 to just eight based on AWS. Provisioning new employees is now fully automated and remote capable, and Thoughtworks can easily deploy and experiment with new technologies such as passwordless authentication.

Thoughtworks has also seen a number of other benefits, including:

• Integrating Workday and moving to an entirely event-driven architecture
• A fully automated new hire process that includes pre-hire setup
• Groups and access policies that help automate application assignment
• An integration between Okta, ServiceNow, and SimpleMDM to fully automate laptop usage and device management worldwide

With liberated workflows and cloud-based solutions, Thoughtworks has freed its teams to do their best work from anywhere, without sacrificing security. Through UD, their directory is safer and more structurally sound—all while being tailored to the needs of their business.

Companies across industries and sectors are looking to free themselves of on-premises infrastructure. For more information on how Okta can help, read our Rethink AD ebook and check out my Oktane20 presentation, Customer Stories: The Road to Rethinking Active Directory.